ArcSight ESM/ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0 Log File directory traversal

A vulnerability classified as problematic has been found in ArcSight ESM and ArcSight ESM Express up to 6.9.1c Patch 3/6.11.0. The issue affects an unknown code block of the Log File Handler component. Applying patch 6.9.1c Patch 4/6.11.0 Patch 1 eliminates this problem. A possible mitigation was published 4 weeks after the disclosure of the vulnerability.

Exiv2 0.26 value.cpp read denial of service

A vulnerability classified as problematic has been found in Exiv2 0.26 (Image Processing Software). The issue affects the function Exiv2::StringValueBase::read in the file value.cpp. Upgrading eliminates this vulnerability. A possible mitigation was published 4 weeks after the disclosure of the vulnerability.

Cisco IOS up to 15.6 Common Industrial Protocol CIP Packet denial of service

A vulnerability classified as problematic has been found in Cisco IOS up to 15.6 (Router Operating System). It affects unknown functionality of the Common Industrial Protocol Handler component. The weakness can be mitigated by firewalling. A possible mitigation was published before, not after, the disclosure of the vulnerability.